From e546e8ff516328a6500b68a7ebb72882f8ff4df7 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Thu, 20 Jun 2024 23:45:05 +0200
Subject: [PATCH] libndp: apply patch for CVE-2024-5564

---
 pkgs/development/libraries/libndp/default.nix | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/pkgs/development/libraries/libndp/default.nix b/pkgs/development/libraries/libndp/default.nix
index 436045da89fb..953b1101e709 100644
--- a/pkgs/development/libraries/libndp/default.nix
+++ b/pkgs/development/libraries/libndp/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, autoreconfHook }:
+{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook }:
 
 stdenv.mkDerivation rec {
   pname = "libndp";
@@ -9,6 +9,15 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-iP+2buLrUn8Ub1wC9cy8OLqX0rDVfrRr+6SIghqwwCs=";
   };
 
+  patches = [
+    (fetchpatch {
+      # https://github.com/jpirko/libndp/issues/26
+      name = "CVE-2024-5564.patch";
+      url = "https://github.com/jpirko/libndp/commit/05e4ba7b0d126eea4c04387dcf40596059ee24af.patch";
+      hash = "sha256-O7AHjCqic7iUfMbKYLGgBAU+wdR9/MDWxBWJw+CFn/c=";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook ];
 
   configureFlags = lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [